Cloud Source Repositories roles and permissions

This page lists the IAM roles and permissions for Cloud Source Repositories. To search through all roles and permissions, see the role and permission index.

Cloud Source Repositories roles

Role Permissions

Source Repository Administrator

(roles/source.admin)

Provides permissions to create, update, delete, list, clone, fetch, and browse repositories. Also provides permissions to read and change IAM policies.

Lowest-level resources where you can grant this role:

  • Repository

source.*

  • source.repos.create
  • source.repos.delete
  • source.repos.get
  • source.repos.getIamPolicy
  • source.repos.getProjectConfig
  • source.repos.list
  • source.repos.setIamPolicy
  • source.repos.update
  • source.repos.updateProjectConfig
  • source.repos.updateRepoConfig

Source Repository Reader

(roles/source.reader)

Provides permissions to list, clone, fetch, and browse repositories.

Lowest-level resources where you can grant this role:

  • Repository

source.repos.get

source.repos.list

Source Repository Writer

(roles/source.writer)

Provides permissions to list, clone, fetch, browse, and update repositories.

Lowest-level resources where you can grant this role:

  • Repository

source.repos.get

source.repos.list

source.repos.update

Cloud Source Repositories Service Agent

(roles/sourcerepo.serviceAgent)

Allow Cloud Source Repositories to integrate with other Cloud services.

iam.serviceAccounts.getAccessToken

pubsub.topics.publish

Cloud Source Repositories permissions

Permission Included in roles

source.repos.create

Owner (roles/owner)

Dev Ops (roles/iam.devOps)

Source Repository Administrator (roles/source.admin)

Service agent roles

source.repos.delete

Owner (roles/owner)

Dev Ops (roles/iam.devOps)

Source Repository Administrator (roles/source.admin)

source.repos.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Build Service Account (roles/cloudbuild.builds.builder)

Composer Worker (roles/composer.worker)

Dev Ops (roles/iam.devOps)

Support User (roles/iam.supportUser)

Cloud Run Builder (roles/run.builder)

Source Repository Administrator (roles/source.admin)

Source Repository Reader (roles/source.reader)

Source Repository Writer (roles/source.writer)

Telco Automation Admin (roles/telcoautomation.admin)

Service agent roles

source.repos.getIamPolicy

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Dev Ops (roles/iam.devOps)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Source Repository Administrator (roles/source.admin)

source.repos.getProjectConfig

Owner (roles/owner)

Dev Ops (roles/iam.devOps)

Source Repository Administrator (roles/source.admin)

source.repos.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Build Service Account (roles/cloudbuild.builds.builder)

Composer Worker (roles/composer.worker)

Dev Ops (roles/iam.devOps)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Source Repository Administrator (roles/source.admin)

Source Repository Reader (roles/source.reader)

Source Repository Writer (roles/source.writer)

Telco Automation Admin (roles/telcoautomation.admin)

Service agent roles

source.repos.setIamPolicy

Owner (roles/owner)

Dev Ops (roles/iam.devOps)

Security Admin (roles/iam.securityAdmin)

Source Repository Administrator (roles/source.admin)

source.repos.update

Owner (roles/owner)

Editor (roles/editor)

Dev Ops (roles/iam.devOps)

Source Repository Administrator (roles/source.admin)

Source Repository Writer (roles/source.writer)

source.repos.updateProjectConfig

Owner (roles/owner)

Dev Ops (roles/iam.devOps)

Source Repository Administrator (roles/source.admin)

source.repos.updateRepoConfig

Owner (roles/owner)

Dev Ops (roles/iam.devOps)

Source Repository Administrator (roles/source.admin)

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年11月10日 UTC.